Situational Awareness

16th July 2020 | Cybrary

Situational awareness is knowledge combined with attitudes and behaviors that work to protect our IT assets. Being aware in cybersecurity means you understand what the threats you face are and that you take action to prevent or minimize them. Situational awareness is an important, valuable tool to have in your toolbox; even if you aren’t in the cyber industry. In 2019, Kaspersky Lab found that 90 percent of corporate data breaches in the cloud happen due to social engineering attacks that target employees. In July 2020, Twitter suffered arguably one of its worst breaches due to a social engineering attack. Awareness doesn’t stop at the door on your way out of work, its needed in our homes and communities as well.

Source: SecurityIntelligence, TechRadar

Additional Reading: Apple Gift Card Email Compromise

Related Terms: Phishing, Social Engineering

What does this mean for an SMB?

SMBs should take action to become more aware and thus more secure. A simple social engineering attack could financially cripple an organization in moments. Follow these tips to improve situational awareness and decrease the chance that your business becomes victim to an attack:

Conduct a NIST-based risk assessment of your organization.
Cybersecurity awareness training for employees.
Test employees with Phishing Campaigns.
Govern employees with cybersecurity policies.
Enable Two-Factor Authentication on every Internet-facing critical account.
Deploy technical protections to catch and mitigate risks when employees make mistakes (Antivirus, AntiSPAM, Anti-Malware, DNS protections, Encryption of data at rest).

CyberHoot works with organizations every day to provide them with the tools they need to become more aware and more secure, including four of the tools mentioned above (Governance Policies, Awareness Training, Phish Testing, and Risk Assessments). Head to CyberHoot.com to learn more!